Merge branch 'tor-gitlab/mr/711'

5 files changed, 53 insertions, 16 deletions

diff --git a/src/test/test_bwmgt.c b/src/test/test_bwmgt.c
index a034c369d1..51ad8be59f 100644
--- a/src/test/test_bwmgt.c
+++ b/src/test/test_bwmgt.c
@@ -243,10 +243,30 @@ test_bwmgt_token_buf_refill(void *arg)
   tt_int_op(b.read_bucket.bucket, OP_GT, 8*KB-400);
   tt_int_op(b.read_bucket.bucket, OP_LT, 8*KB+400);
 
-  // A ridiculous amount of time passes.
-  tt_int_op(0, OP_EQ, token_bucket_rw_refill(&b, INT32_MAX));
+  /* A large amount of time passes, but less than the threshold at which
+   * we start detecting an assumed rollover event. This might be about 20
+   * days on a system with stamp units equal to 1ms. */
+  uint32_t ts_stamp = START_TS + UINT32_MAX / 5;
+  tt_int_op(0, OP_EQ, token_bucket_rw_refill(&b, ts_stamp));
   tt_int_op(b.read_bucket.bucket, OP_EQ, b.cfg.burst);
 
+  /* Fully empty the bucket and make sure it's filling once again */
+  token_bucket_rw_dec_read(&b, b.cfg.burst);
+  tt_int_op(b.read_bucket.bucket, OP_EQ, 0);
+  tt_int_op(1, OP_EQ, token_bucket_rw_refill(&b, ts_stamp += BW_SEC));
+  tt_int_op(b.read_bucket.bucket, OP_GT, 16*KB - 300);
+  tt_int_op(b.read_bucket.bucket, OP_LT, 16*KB + 300);
+
+  /* An even larger amount of time passes, which we take to be a 32-bit
+   * rollover event. The individual update is ignored, but the timestamp
+   * is still updated and the very next update should be accounted properly. */
+  tt_int_op(0, OP_EQ, token_bucket_rw_refill(&b, ts_stamp += UINT32_MAX/2));
+  tt_int_op(b.read_bucket.bucket, OP_GT, 16*KB - 600);
+  tt_int_op(b.read_bucket.bucket, OP_LT, 16*KB + 600);
+  tt_int_op(0, OP_EQ, token_bucket_rw_refill(&b, ts_stamp += BW_SEC));
+  tt_int_op(b.read_bucket.bucket, OP_GT, 32*KB - 600);
+  tt_int_op(b.read_bucket.bucket, OP_LT, 32*KB + 600);
+
  done:
   ;
 }
diff --git a/src/test/test_crypto.c b/src/test/test_crypto.c
index 82a9d5d642..926d4178c1 100644
--- a/src/test/test_crypto.c
+++ b/src/test/test_crypto.c
@@ -2990,6 +2990,7 @@ test_crypto_hashx(void *arg)
 
   const unsigned num_vectors = sizeof vectors / sizeof vectors[0];
   const unsigned num_variations = sizeof variations / sizeof variations[0];
+  hashx_ctx *ctx = NULL;
 
   for (unsigned vec_i = 0; vec_i < num_vectors; vec_i++) {
     const char *seed_literal = vectors[vec_i].seed_literal;
@@ -3008,7 +3009,9 @@ test_crypto_hashx(void *arg)
     for (unsigned vari_i = 0; vari_i < num_variations; vari_i++) {
       uint8_t out_actual[HASHX_SIZE] = { 0 };
 
-      hashx_ctx *ctx = hashx_alloc(variations[vari_i].type);
+      hashx_free(ctx);
+      ctx = hashx_alloc(variations[vari_i].type);
+
       tt_ptr_op(ctx, OP_NE, NULL);
       tt_ptr_op(ctx, OP_NE, HASHX_NOTSUPP);
       retval = hashx_make(ctx, seed_literal, seed_len);
@@ -3017,13 +3020,11 @@ test_crypto_hashx(void *arg)
       memset(out_actual, 0xa5, sizeof out_actual);
       hashx_exec(ctx, hash_input, out_actual);
       tt_mem_op(out_actual, OP_EQ, out_expected, sizeof out_actual);
-
-      hashx_free(ctx);
     }
   }
 
  done:
-  ;
+  hashx_free(ctx);
 }
 
 /* We want the likelihood that the random buffer exhibits any regular pattern
diff --git a/src/test/test_dos.c b/src/test/test_dos.c
index a34420024f..8c9ddfcbe5 100644
--- a/src/test/test_dos.c
+++ b/src/test/test_dos.c
@@ -9,6 +9,7 @@
 #include "core/or/dos.h"
 #include "core/or/circuitlist.h"
 #include "lib/crypt_ops/crypto_rand.h"
+#include "lib/time/compat_time.h"
 #include "feature/stats/geoip_stats.h"
 #include "core/or/channel.h"
 #include "feature/nodelist/microdesc.h"
@@ -23,6 +24,8 @@
 #include "test/test.h"
 #include "test/log_test_helpers.h"
 
+static const uint64_t BILLION = 1000000000;
+
 static networkstatus_t *dummy_ns = NULL;
 static networkstatus_t *
 mock_networkstatus_get_latest_consensus(void)
@@ -58,14 +61,18 @@ mock_enable_dos_protection(const networkstatus_t *ns)
 static void
 test_dos_conn_creation(void *arg)
 {
+  uint64_t monotime_now = 0xfffffffe;
+
   (void) arg;
 
+  monotime_enable_test_mocking();
+  monotime_coarse_set_mock_time_nsec(monotime_now);
   MOCK(get_param_cc_enabled, mock_enable_dos_protection);
   MOCK(get_param_conn_enabled, mock_enable_dos_protection);
 
   /* Initialize test data */
   or_connection_t or_conn;
-  time_t now = 1281533250; /* 2010-08-11 13:27:30 UTC */
+  time_t wallclock_now = 1281533250; /* 2010-08-11 13:27:30 UTC */
   tt_int_op(AF_INET,OP_EQ, tor_addr_parse(&TO_CONN(&or_conn)->addr,
                                           "18.0.0.1"));
   tor_addr_t *addr = &TO_CONN(&or_conn)->addr;
@@ -75,13 +82,14 @@ test_dos_conn_creation(void *arg)
   uint32_t max_concurrent_conns = get_param_conn_max_concurrent_count(NULL);
 
   /* Introduce new client */
-  geoip_note_client_seen(GEOIP_CLIENT_CONNECT, addr, NULL, now);
+  geoip_note_client_seen(GEOIP_CLIENT_CONNECT, addr, NULL, wallclock_now);
   { /* Register many conns from this client but not enough to get it blocked */
     unsigned int i;
     for (i = 0; i < max_concurrent_conns; i++) {
       /* Don't trigger the connect() rate limitation so advance the clock 1
        * second for each connection. */
-      update_approx_time(++now);
+      monotime_coarse_set_mock_time_nsec(monotime_now += BILLION);
+      update_approx_time(++wallclock_now);
       dos_new_client_conn(&or_conn, NULL);
     }
   }
@@ -107,6 +115,7 @@ test_dos_conn_creation(void *arg)
 
  done:
   dos_free_all();
+  monotime_disable_test_mocking();
 }
 
 /** Helper mock: Place a fake IP addr for this channel in <b>addr_out</b> */
diff --git a/src/test/test_hs_dos.c b/src/test/test_hs_dos.c
index 70f2ef412f..81410f7b9b 100644
--- a/src/test/test_hs_dos.c
+++ b/src/test/test_hs_dos.c
@@ -16,6 +16,7 @@
 #include "test/log_test_helpers.h"
 
 #include "app/config/config.h"
+#include "lib/time/compat_time.h"
 
 #include "core/or/circuitlist.h"
 #include "core/or/circuituse.h"
@@ -45,7 +46,8 @@ free_mock_consensus(void)
 static void
 test_can_send_intro2(void *arg)
 {
-  uint32_t now = (uint32_t) approx_time();
+  static const uint64_t BILLION = 1000000000;
+  uint64_t now = 12345;
   or_circuit_t *or_circ = NULL;
 
   (void) arg;
@@ -55,6 +57,8 @@ test_can_send_intro2(void *arg)
 
   get_options_mutable()->ORPort_set = 1;
   setup_mock_consensus();
+  monotime_enable_test_mocking();
+  monotime_coarse_set_mock_time_nsec(now);
 
   or_circ =  or_circuit_new(1, NULL);
 
@@ -68,7 +72,7 @@ test_can_send_intro2(void *arg)
 
   /* Simulate that 10 cells have arrived in 1 second. There should be no
    * refill since the bucket is already at maximum on the first cell. */
-  update_approx_time(++now);
+  monotime_coarse_set_mock_time_nsec(now += BILLION);
   for (int i = 0; i < 10; i++) {
     tt_int_op(true, OP_EQ, hs_dos_can_send_intro2(or_circ));
   }
@@ -76,7 +80,7 @@ test_can_send_intro2(void *arg)
              get_intro2_burst_consensus_param(NULL) - 10);
 
   /* Fully refill the bucket minus 1 cell. */
-  update_approx_time(++now);
+  monotime_coarse_set_mock_time_nsec(now += BILLION);
   tt_int_op(true, OP_EQ, hs_dos_can_send_intro2(or_circ));
   tt_uint_op(token_bucket_ctr_get(&or_circ->introduce2_bucket), OP_EQ,
              get_intro2_burst_consensus_param(NULL) - 1);
@@ -84,7 +88,7 @@ test_can_send_intro2(void *arg)
   /* Receive an INTRODUCE2 at each second. We should have the bucket full
    * since at every second it gets refilled. */
   for (int i = 0; i < 10; i++) {
-    update_approx_time(++now);
+    monotime_coarse_set_mock_time_nsec(now += BILLION);
     tt_int_op(true, OP_EQ, hs_dos_can_send_intro2(or_circ));
   }
   /* Last check if we can send the cell decrements the bucket so minus 1. */
@@ -92,7 +96,8 @@ test_can_send_intro2(void *arg)
              get_intro2_burst_consensus_param(NULL) - 1);
 
   /* Manually reset bucket for next test. */
-  token_bucket_ctr_reset(&or_circ->introduce2_bucket, now);
+  token_bucket_ctr_reset(&or_circ->introduce2_bucket,
+                         (uint32_t) monotime_coarse_absolute_sec());
   tt_uint_op(token_bucket_ctr_get(&or_circ->introduce2_bucket), OP_EQ,
              get_intro2_burst_consensus_param(NULL));
 
@@ -115,7 +120,7 @@ test_can_send_intro2(void *arg)
   }
 
   /* One second has passed, we should have the rate minus 1 cell added. */
-  update_approx_time(++now);
+  monotime_coarse_set_mock_time_nsec(now += BILLION);
   tt_int_op(true, OP_EQ, hs_dos_can_send_intro2(or_circ));
   tt_uint_op(token_bucket_ctr_get(&or_circ->introduce2_bucket), OP_EQ,
              get_intro2_rate_consensus_param(NULL) - 1);
@@ -125,6 +130,7 @@ test_can_send_intro2(void *arg)
 
   hs_free_all();
   free_mock_consensus();
+  monotime_disable_test_mocking();
 }
 
 static void
diff --git a/src/test/test_hs_intropoint.c b/src/test/test_hs_intropoint.c
index cbcdeade92..82b7ec029d 100644
--- a/src/test/test_hs_intropoint.c
+++ b/src/test/test_hs_intropoint.c
@@ -14,6 +14,7 @@
 #include "test/test.h"
 #include "test/log_test_helpers.h"
 #include "lib/crypt_ops/crypto_rand.h"
+#include "lib/time/compat_time.h"
 
 #include "core/or/or.h"
 #include "core/or/channel.h"
@@ -127,7 +128,7 @@ helper_create_intro_circuit(void)
   tt_assert(circ);
   circuit_change_purpose(TO_CIRCUIT(circ), CIRCUIT_PURPOSE_OR);
   token_bucket_ctr_init(&circ->introduce2_bucket, 100, 100,
-                        (uint32_t) approx_time());
+                       (uint32_t) monotime_coarse_absolute_sec());
  done:
   return circ;
 }